Author: Peter Barnett Date: May 31, 2019
One of the greatest advantages of having an Active Directory Domain is the possibility to deploy software via GPO (Group Policy Object). Software deployment is crucial in business environments to save time and money. Therefore, Microsoft not only gives us a simple way to execute msi file, but also provides a quick solution to uninstall it when we don’t need it anymore. So, this manual shows you one of the ways to install software remotely.
To deploy software GPO in Group Policy Management, expand the node of the desired forest, and then expand the Domains node in it. Right-click the Employees node. As a result, a context menu will open, in which select the Create a GPO in this domain command, and Link it here
In the New GPO dialog box, enter a friendly name for the new GPO, for example, Software Deployment. If you want to use the starting GPO as a source of parameters, select it in the Source Starter GPO list. When you click OK, a new GPO is added to the Group Policy Objects container.
Right-click the new GPO and select Edit. Configure the required settings in the policy editor and close the editor.
In the Group Policy Management Editor snap-in, go to “Computer Configuration > Policies > Software Settings > Software installation”. Right click on the item “Software installation”, select “New > Packages”
We are setting up a Computer Configuration policy, so we can only assign the application and not publish it. Assigned applications will be installed at the first reboot or policy update while published applications will be available for the users to be installed or removed. For this reason, you can only publish application to users. The Advanced option simply make us able to edit the application deployment Properties.
In the properties dialog of the installation package, which pops up a few seconds after specifying the deployment method, you can specify additional parameters. After you have made all the necessary changes, click "OK."
The policy editing window should look like this (screenshot).
To remove software using GPO, in the Group Policy Management Editor snap-in, expand User Configuration \ Policies \ Software Configuration, go to the Software Installation node and click on this node with the left mouse button. Your installed program appears in the window. Click on it with the right mouse button and select "All tasks" => "Delete" from the pop-up menu.
After that, the "Remove Applications" window pops up. Select in this window the option "Immediately remove this application from the computers of all users." Close the window of the Group Policy Management Editor, in cmd enter and execute the
gpupdate /force command, and then restart the server.
Fully functional free edition for up to 10 endpoints with no expiration date. More details >